On Tue, Dec 11, 2007 at 01:15:11AM +1300, Joel Wiramu Pauling wrote: > Tip. > > Don't allow password challenge. Problem solved. Just use key'd ssh and this > problem disappears. >
Bin there, done that. You answered the wrong question. I want to know if and what I can do (on the server side) about HTTP clients that put sockets on my httpd server in state CLOSE_WAIT and thereby chew up all sockets for the server causing a kind of denial of service state. And yes, I have googled for "HPPT server socket CLOSE_WAIT" and did not get much wiser. > > On 11/12/2007, Raimo Niskanen <[EMAIL PROTECTED]> wrote: > > > > I have a related problem, but I am not sure if the source > > IPs are nasty computers or just... > > > > # lsof -ni:www > > shows me lots of connections hanging in state CLOSE_WAIT > > from some hosts (often in China). These used to eat all > > sockets for httpd. Now I have a max-src-conn limit so > > it is not a real problem any more. > > > > I now also log hosts that succedes in getting many > > sockets in CLOSE_WAIT, and they are still there. > > > > What do the gurus say? What can I do about these hosts? > > > > > > > > On Fri, Dec 07, 2007 at 09:51:52AM -0800, badeguruji wrote: > > > I am getting constant hacking attempt into my computer > > > from following IPs. Although, I have configured my ssh > > > config and tcp-wrappers to deny such attempts. But I > > > wish some expert soul in this community 'fix' this > > > rouge hacker for ever, for everyones good. > > > > > > This hacker could be spoofing the IPs, but i have only > > > the IPs in my message logs(and a url)... > > > > > > 218.6.16.30 > > > 195.187.33.66 > > > 202.29.21.6 > > > 60.28.201.57 > > > 218.24.162.85 > > > wpc4643.amenworld.com > > > 202.22.251.23 > > > 219.143.232.131 > > > 220.227.218.21 > > > 124.30.42.36 > > > > > > -for community. > > > > > > -BG > > > > > > ________________________________ > > > ~~Kalyan-mastu~~ > > > > -- > > > > / Raimo Niskanen, Erlang/OTP, Ericsson AB -- / Raimo Niskanen, Erlang/OTP, Ericsson AB
